CVE-2024-21757 | Fortinet FortiManager/FortiAnalyzer up to 7.0.10/7.2.4/7.4.1 Configuration Backup unverified password change (FG-IR-23-467)

Posted by Angelo Barbosa | Aug 13, 2024 | CVE

A vulnerability classified as problematic was found in Fortinet FortiManager and FortiAnalyzer up to 7.0.10/7.2.4/7.4.1. Affected by this vulnerability is an unknown functionality of the component Configuration Backup Handler. The manipulation leads to unverified password change.

This vulnerability is known as CVE-2024-21757. The attack needs to be approached locally. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-21757 | Fortinet FortiManager/FortiAnalyzer up to 7.0.10/7.2.4/7.4.1 Configuration Backup unverified password change (FG-IR-23-467)

Related Posts

CVE-2024-6804 | Jeg Elementor Kit Plugin up to 2.6.7 on WordPress SVG File cross site scripting

CVE-2024-28165 | SAP BusinessObjects Business Intelligence Platform 430/440 Opendocument URL cross site scripting

CVE-2024-21597 | Juniper Junos OS on MX Packet Forwarding Engine exposure of resource (JSA75738)

CVE-2024-21843 | Intel Computing Improvement Program Software prior 2.4.0.10654 uncontrolled search path (intel-sa-01059)